package com.juphoon.oauth.oauth;

import com.juphoon.oauth.core.config.Const;
import com.juphoon.oauth.core.properties.SecurityProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;

/**
 *
 * @author rongbin.huang
 * @date 2018/4/18
 * OAuth2 服务
 */
@Configuration
@EnableAuthorizationServer
public class AppAuthorizationConfig extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private UserDetailsService userService;

    @Autowired
    private TokenStore tokenStore;

    @Autowired(required = false)
    private JwtAccessTokenConverter jwtAccessTokenConverter;

    @Autowired
    private SecurityProperties securityProperties;

    @Autowired(required = false)
    private ClientDetailsService clientDetailsService;

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        if (Const.ClientDbType.JDBC.equals(securityProperties.getOauth2().getClientDb())) {
            clients.withClientDetails(clientDetailsService);
        } else {
            clients.inMemory()
                    .withClient(securityProperties.getOauth2().getClientId())
                    .secret("{noop}" + securityProperties.getOauth2().getSecret())
                    .scopes("all")
                    .resourceIds()
                    .authorizedGrantTypes("password", "refresh_token")
                    .accessTokenValiditySeconds(securityProperties.getOauth2().getAccessTokenValiditySeconds())
                    .refreshTokenValiditySeconds(securityProperties.getOauth2().getRefreshTokenValiditySeconds());
        }

    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
                .tokenStore(tokenStore)
                .authenticationManager(authenticationManager)
                .userDetailsService(userService);
        if (jwtAccessTokenConverter != null) {
            endpoints.accessTokenConverter(jwtAccessTokenConverter);
        }
    }

}
